diff options
Diffstat (limited to 'components/script/dom')
| -rw-r--r-- | components/script/dom/dedicatedworkerglobalscope.rs | 8 | ||||
| -rw-r--r-- | components/script/dom/eventsource.rs | 1 | ||||
| -rw-r--r-- | components/script/dom/globalscope.rs | 40 | ||||
| -rw-r--r-- | components/script/dom/htmlanchorelement.rs | 4 | ||||
| -rw-r--r-- | components/script/dom/htmlformelement.rs | 6 | ||||
| -rw-r--r-- | components/script/dom/htmliframeelement.rs | 7 | ||||
| -rw-r--r-- | components/script/dom/htmlimageelement.rs | 6 | ||||
| -rw-r--r-- | components/script/dom/htmlmediaelement.rs | 19 | ||||
| -rw-r--r-- | components/script/dom/htmlscriptelement.rs | 3 | ||||
| -rw-r--r-- | components/script/dom/htmlvideoelement.rs | 2 | ||||
| -rw-r--r-- | components/script/dom/location.rs | 2 | ||||
| -rw-r--r-- | components/script/dom/request.rs | 9 | ||||
| -rw-r--r-- | components/script/dom/serviceworkerglobalscope.rs | 27 | ||||
| -rw-r--r-- | components/script/dom/servoparser/prefetch.rs | 1 | ||||
| -rw-r--r-- | components/script/dom/websocket.rs | 5 | ||||
| -rw-r--r-- | components/script/dom/windowproxy.rs | 6 | ||||
| -rw-r--r-- | components/script/dom/workerglobalscope.rs | 2 | ||||
| -rw-r--r-- | components/script/dom/worklet.rs | 13 | ||||
| -rw-r--r-- | components/script/dom/xmlhttprequest.rs | 45 |
19 files changed, 129 insertions, 77 deletions
diff --git a/components/script/dom/dedicatedworkerglobalscope.rs b/components/script/dom/dedicatedworkerglobalscope.rs index c764678b80a..0095429b571 100644 --- a/components/script/dom/dedicatedworkerglobalscope.rs +++ b/components/script/dom/dedicatedworkerglobalscope.rs @@ -330,6 +330,7 @@ impl DedicatedWorkerGlobalScope { let top_level_browsing_context_id = TopLevelBrowsingContextId::installed(); let current_global = GlobalScope::current().expect("No current global object"); let origin = current_global.origin().immutable().clone(); + let referrer = current_global.get_referrer(); let parent = current_global.runtime_handle(); let current_global_https_state = current_global.get_https_state(); @@ -351,16 +352,17 @@ impl DedicatedWorkerGlobalScope { pipeline_id, } = worker_load_origin; - let referrer = referrer_url.map(|referrer_url| Referrer::ReferrerUrl(referrer_url)); + let referrer = referrer_url + .map(|url| Referrer::ReferrerUrl(url)) + .unwrap_or(referrer); - let request = RequestBuilder::new(worker_url.clone()) + let request = RequestBuilder::new(worker_url.clone(), referrer) .destination(Destination::Worker) .mode(RequestMode::SameOrigin) .credentials_mode(CredentialsMode::CredentialsSameOrigin) .parser_metadata(ParserMetadata::NotParserInserted) .use_url_credentials(true) .pipeline_id(Some(pipeline_id)) - .referrer(referrer) .referrer_policy(referrer_policy) .origin(origin); diff --git a/components/script/dom/eventsource.rs b/components/script/dom/eventsource.rs index 4ab9d11f906..49e612cd6eb 100644 --- a/components/script/dom/eventsource.rs +++ b/components/script/dom/eventsource.rs @@ -532,6 +532,7 @@ impl EventSource { Destination::None, Some(cors_attribute_state), Some(true), + global.get_referrer(), ) .origin(global.origin().immutable().clone()) .pipeline_id(Some(global.pipeline_id())); diff --git a/components/script/dom/globalscope.rs b/components/script/dom/globalscope.rs index 987ae4e7c13..f84c0caa4ec 100644 --- a/components/script/dom/globalscope.rs +++ b/components/script/dom/globalscope.rs @@ -94,6 +94,7 @@ use net_traits::filemanager_thread::{ FileManagerResult, FileManagerThreadMsg, ReadFileProgress, RelativePos, }; use net_traits::image_cache::ImageCache; +use net_traits::request::Referrer; use net_traits::response::HttpsState; use net_traits::{CoreResourceMsg, CoreResourceThread, IpcSend, ResourceThreads}; use parking_lot::Mutex; @@ -105,7 +106,7 @@ use script_traits::{ ScriptToConstellationChan, TimerEvent, }; use script_traits::{TimerEventId, TimerSchedulerMsg, TimerSource}; -use servo_url::{MutableOrigin, ServoUrl}; +use servo_url::{ImmutableOrigin, MutableOrigin, ServoUrl}; use std::borrow::Cow; use std::cell::Cell; use std::collections::hash_map::Entry; @@ -2331,6 +2332,43 @@ impl GlobalScope { unreachable!(); } + /// Determine the Referrer for a request whose Referrer is "client" + pub fn get_referrer(&self) -> Referrer { + // Step 3 of https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer + if let Some(window) = self.downcast::<Window>() { + // Substep 3.1 + + // Substep 3.1.1 + let mut document = window.Document(); + + // Substep 3.1.2 + if let ImmutableOrigin::Opaque(_) = document.origin().immutable() { + return Referrer::NoReferrer; + } + + let mut url = document.url(); + + // Substep 3.1.3 + while url.as_str() == "about:srcdoc" { + document = document + .browsing_context() + .expect("iframe should have browsing context") + .parent() + .expect("iframes browsing_context should have parent") + .document() + .expect("iframes parent should have document"); + + url = document.url(); + } + + // Substep 3.1.4 + return Referrer::Client(url); + } else { + // Substep 3.2 + return Referrer::ReferrerUrl(self.get_url()); + } + } + /// Extract a `Window`, panic if the global object is not a `Window`. pub fn as_window(&self) -> &Window { self.downcast::<Window>().expect("expected a Window scope") diff --git a/components/script/dom/htmlanchorelement.rs b/components/script/dom/htmlanchorelement.rs index f61d466afd5..42589dfce36 100644 --- a/components/script/dom/htmlanchorelement.rs +++ b/components/script/dom/htmlanchorelement.rs @@ -650,7 +650,7 @@ pub fn follow_hyperlink(subject: &Element, hyperlink_suffix: Option<String>) { Some(ref link_types) if link_types.Value().contains("noreferrer") => { Referrer::NoReferrer }, - _ => Referrer::Client, + _ => target_window.upcast::<GlobalScope>().get_referrer(), }; // Step 14 @@ -659,7 +659,7 @@ pub fn follow_hyperlink(subject: &Element, hyperlink_suffix: Option<String>) { LoadOrigin::Script(document.origin().immutable().clone()), url, Some(pipeline_id), - Some(referrer), + referrer, referrer_policy, ); let target = Trusted::new(target_window); diff --git a/components/script/dom/htmlformelement.rs b/components/script/dom/htmlformelement.rs index 0c7b09ece74..b9b475e02ff 100644 --- a/components/script/dom/htmlformelement.rs +++ b/components/script/dom/htmlformelement.rs @@ -688,7 +688,7 @@ impl HTMLFormElement { LoadOrigin::Script(doc.origin().immutable().clone()), action_components, None, - Some(Referrer::ReferrerUrl(target_document.url())), + Referrer::ReferrerUrl(target_document.url()), target_document.get_referrer_policy(), ); @@ -840,13 +840,13 @@ impl HTMLFormElement { Some(ref link_types) if link_types.Value().contains("noreferrer") => { Referrer::NoReferrer }, - _ => Referrer::Client, + _ => target.upcast::<GlobalScope>().get_referrer(), }; let referrer_policy = target.Document().get_referrer_policy(); let pipeline_id = target.upcast::<GlobalScope>().pipeline_id(); load_data.creator_pipeline_id = Some(pipeline_id); - load_data.referrer = Some(referrer); + load_data.referrer = referrer; load_data.referrer_policy = referrer_policy; // Step 4. diff --git a/components/script/dom/htmliframeelement.rs b/components/script/dom/htmliframeelement.rs index b36d3641764..2e8a37a88d8 100644 --- a/components/script/dom/htmliframeelement.rs +++ b/components/script/dom/htmliframeelement.rs @@ -30,7 +30,6 @@ use dom_struct::dom_struct; use html5ever::{LocalName, Prefix}; use ipc_channel::ipc; use msg::constellation_msg::{BrowsingContextId, PipelineId, TopLevelBrowsingContextId}; -use net_traits::request::Referrer; use profile_traits::ipc as ProfiledIpc; use script_layout_interface::message::ReflowGoal; use script_traits::IFrameSandboxState::{IFrameSandboxed, IFrameUnsandboxed}; @@ -242,7 +241,7 @@ impl HTMLIFrameElement { LoadOrigin::Script(document.origin().immutable().clone()), url, pipeline_id, - Some(Referrer::ReferrerUrl(document.url())), + window.upcast::<GlobalScope>().get_referrer(), document.get_referrer_policy(), ); let element = self.upcast::<Element>(); @@ -325,7 +324,7 @@ impl HTMLIFrameElement { LoadOrigin::Script(document.origin().immutable().clone()), url, creator_pipeline_id, - Some(Referrer::ReferrerUrl(document.url())), + window.upcast::<GlobalScope>().get_referrer(), document.get_referrer_policy(), ); @@ -352,7 +351,7 @@ impl HTMLIFrameElement { LoadOrigin::Script(document.origin().immutable().clone()), url, pipeline_id, - Some(Referrer::ReferrerUrl(document.url().clone())), + window.upcast::<GlobalScope>().get_referrer(), document.get_referrer_policy(), ); let browsing_context_id = BrowsingContextId::new(); diff --git a/components/script/dom/htmlimageelement.rs b/components/script/dom/htmlimageelement.rs index 2e99e491653..893080edd07 100644 --- a/components/script/dom/htmlimageelement.rs +++ b/components/script/dom/htmlimageelement.rs @@ -63,7 +63,7 @@ use net_traits::image_cache::{ CorsStatus, ImageCache, ImageCacheResult, ImageOrMetadataAvailable, ImageResponse, PendingImageId, PendingImageResponse, UsePlaceholder, }; -use net_traits::request::{CorsSettings, Destination, Initiator, RequestBuilder}; +use net_traits::request::{CorsSettings, Destination, Initiator, Referrer, RequestBuilder}; use net_traits::{FetchMetadata, FetchResponseListener, FetchResponseMsg, NetworkError}; use net_traits::{ReferrerPolicy, ResourceFetchTiming, ResourceTimingType}; use num_traits::ToPrimitive; @@ -297,13 +297,14 @@ pub(crate) enum FromPictureOrSrcSet { pub(crate) fn image_fetch_request( img_url: ServoUrl, origin: ImmutableOrigin, + referrer: Referrer, pipeline_id: PipelineId, cors_setting: Option<CorsSettings>, referrer_policy: Option<ReferrerPolicy>, from_picture_or_srcset: FromPictureOrSrcSet, ) -> RequestBuilder { let mut request = - create_a_potential_cors_request(img_url, Destination::Image, cors_setting, None) + create_a_potential_cors_request(img_url, Destination::Image, cors_setting, None, referrer) .origin(origin) .pipeline_id(Some(pipeline_id)) .referrer_policy(referrer_policy); @@ -383,6 +384,7 @@ impl HTMLImageElement { let request = image_fetch_request( img_url.clone(), document.origin().immutable().clone(), + document.global().get_referrer(), document.global().pipeline_id(), cors_setting_for_element(self.upcast()), referrer_policy_for_element(self.upcast()), diff --git a/components/script/dom/htmlmediaelement.rs b/components/script/dom/htmlmediaelement.rs index 3a5e9880375..27af41c2b0e 100644 --- a/components/script/dom/htmlmediaelement.rs +++ b/components/script/dom/htmlmediaelement.rs @@ -77,7 +77,7 @@ use ipc_channel::router::ROUTER; use media::{glplayer_channel, GLPlayerMsg, GLPlayerMsgForward, WindowGLContext}; use net_traits::image::base::Image; use net_traits::image_cache::ImageResponse; -use net_traits::request::{Destination, Referrer}; +use net_traits::request::Destination; use net_traits::{CoreResourceMsg, FetchChannels, FetchMetadata, FetchResponseListener, Metadata}; use net_traits::{NetworkError, ResourceFetchTiming, ResourceTimingType}; use script_layout_interface::HTMLMediaData; @@ -846,12 +846,17 @@ impl HTMLMediaElement { }; let cors_setting = cors_setting_for_element(self.upcast()); - let request = create_a_potential_cors_request(url.clone(), destination, cors_setting, None) - .headers(headers) - .origin(document.origin().immutable().clone()) - .pipeline_id(Some(self.global().pipeline_id())) - .referrer(Some(Referrer::ReferrerUrl(document.url()))) - .referrer_policy(document.get_referrer_policy()); + let request = create_a_potential_cors_request( + url.clone(), + destination, + cors_setting, + None, + self.global().get_referrer(), + ) + .headers(headers) + .origin(document.origin().immutable().clone()) + .pipeline_id(Some(self.global().pipeline_id())) + .referrer_policy(document.get_referrer_policy()); let mut current_fetch_context = self.current_fetch_context.borrow_mut(); if let Some(ref mut current_fetch_context) = *current_fetch_context { diff --git a/components/script/dom/htmlscriptelement.rs b/components/script/dom/htmlscriptelement.rs index bf3de043ff5..9b9bbb619f7 100644 --- a/components/script/dom/htmlscriptelement.rs +++ b/components/script/dom/htmlscriptelement.rs @@ -324,10 +324,9 @@ pub(crate) fn script_fetch_request( referrer_policy: Option<ReferrerPolicy>, integrity_metadata: String, ) -> RequestBuilder { - create_a_potential_cors_request(url, Destination::Script, cors_setting, None) + create_a_potential_cors_request(url, Destination::Script, cors_setting, None, referrer) .origin(origin) .pipeline_id(Some(pipeline_id)) - .referrer(Some(referrer)) .referrer_policy(referrer_policy) .integrity_metadata(integrity_metadata) } diff --git a/components/script/dom/htmlvideoelement.rs b/components/script/dom/htmlvideoelement.rs index cea37bc173c..2100b70330d 100644 --- a/components/script/dom/htmlvideoelement.rs +++ b/components/script/dom/htmlvideoelement.rs @@ -189,7 +189,7 @@ impl HTMLVideoElement { ) { // Continuation of step 4. let document = document_from_node(self); - let request = RequestBuilder::new(poster_url.clone()) + let request = RequestBuilder::new(poster_url.clone(), document.global().get_referrer()) .destination(Destination::Image) .credentials_mode(CredentialsMode::Include) .use_url_credentials(true) diff --git a/components/script/dom/location.rs b/components/script/dom/location.rs index 5882a024912..48e8ea0c744 100644 --- a/components/script/dom/location.rs +++ b/components/script/dom/location.rs @@ -50,7 +50,7 @@ impl Location { LoadOrigin::Script(document.origin().immutable().clone()), url, Some(pipeline_id), - Some(referrer), + referrer, referrer_policy, ); // TODO: rethrow exceptions, set exceptions enabled flag. diff --git a/components/script/dom/request.rs b/components/script/dom/request.rs index 89d9d54506a..27d2a1e61bc 100644 --- a/components/script/dom/request.rs +++ b/components/script/dom/request.rs @@ -180,7 +180,7 @@ impl Request { // Step 14.2 TODO: "Unset request's reload-navigation flag." // Step 14.3 TODO: "Unset request's history-navigation flag." // Step 14.4 - request.referrer = NetTraitsRequestReferrer::Client; + request.referrer = global.get_referrer(); // Step 14.5 request.referrer_policy = None; } @@ -206,7 +206,7 @@ impl Request { parsed_referrer.path() == "client") || parsed_referrer.origin() != origin { - request.referrer = NetTraitsRequestReferrer::Client; + request.referrer = global.get_referrer(); } else { // Step 15.3.4 request.referrer = NetTraitsRequestReferrer::ReferrerUrl(parsed_referrer); @@ -486,7 +486,8 @@ fn net_request_from_global(global: &GlobalScope, url: ServoUrl) -> NetTraitsRequ let origin = Origin::Origin(global.get_url().origin()); let https_state = global.get_https_state(); let pipeline_id = global.pipeline_id(); - NetTraitsRequest::new(url, Some(origin), Some(pipeline_id), https_state) + let referrer = NetTraitsRequestReferrer::ReferrerUrl(global.get_url()); + NetTraitsRequest::new(url, Some(origin), referrer, Some(pipeline_id), https_state) } // https://fetch.spec.whatwg.org/#concept-method-normalize @@ -567,7 +568,7 @@ impl RequestMethods for Request { let r = self.request.borrow(); USVString(match r.referrer { NetTraitsRequestReferrer::NoReferrer => String::from(""), - NetTraitsRequestReferrer::Client => String::from("about:client"), + NetTraitsRequestReferrer::Client(_) => String::from("about:client"), NetTraitsRequestReferrer::ReferrerUrl(ref u) => { let u_c = u.clone(); u_c.into_string() diff --git a/components/script/dom/serviceworkerglobalscope.rs b/components/script/dom/serviceworkerglobalscope.rs index 840ee81f764..4bea29cda50 100644 --- a/components/script/dom/serviceworkerglobalscope.rs +++ b/components/script/dom/serviceworkerglobalscope.rs @@ -309,18 +309,6 @@ impl ServiceWorkerGlobalScope { pipeline_id, } = worker_load_origin; - let referrer = referrer_url.map(|referrer_url| Referrer::ReferrerUrl(referrer_url)); - - let request = RequestBuilder::new(script_url.clone()) - .destination(Destination::ServiceWorker) - .credentials_mode(CredentialsMode::Include) - .parser_metadata(ParserMetadata::NotParserInserted) - .use_url_credentials(true) - .pipeline_id(Some(pipeline_id)) - .referrer(referrer) - .referrer_policy(referrer_policy) - .origin(origin); - // Service workers are time limited // https://w3c.github.io/ServiceWorker/#service-worker-lifetime let sw_lifetime_timeout = pref!(dom.serviceworker.timeout_seconds) as u64; @@ -333,7 +321,7 @@ impl ServiceWorkerGlobalScope { let resource_threads_sender = init.resource_threads.sender(); let global = ServiceWorkerGlobalScope::new( init, - script_url, + script_url.clone(), devtools_mpsc_port, runtime, own_sender, @@ -344,6 +332,19 @@ impl ServiceWorkerGlobalScope { control_receiver, ); + let referrer = referrer_url + .map(|url| Referrer::ReferrerUrl(url)) + .unwrap_or_else(|| global.upcast::<GlobalScope>().get_referrer()); + + let request = RequestBuilder::new(script_url, referrer) + .destination(Destination::ServiceWorker) + .credentials_mode(CredentialsMode::Include) + .parser_metadata(ParserMetadata::NotParserInserted) + .use_url_credentials(true) + .pipeline_id(Some(pipeline_id)) + .referrer_policy(referrer_policy) + .origin(origin); + let (_url, source) = match load_whole_resource(request, &resource_threads_sender, &*global.upcast()) { diff --git a/components/script/dom/servoparser/prefetch.rs b/components/script/dom/servoparser/prefetch.rs index c7468be7c19..e5ae112620f 100644 --- a/components/script/dom/servoparser/prefetch.rs +++ b/components/script/dom/servoparser/prefetch.rs @@ -126,6 +126,7 @@ impl TokenSink for PrefetchSink { let request = image_fetch_request( url, self.origin.clone(), + self.referrer.clone(), self.pipeline_id, self.get_cors_settings(tag, local_name!("crossorigin")), self.get_referrer_policy(tag, local_name!("referrerpolicy")), diff --git a/components/script/dom/websocket.rs b/components/script/dom/websocket.rs index 89aeda77ebd..83d1cf1069d 100644 --- a/components/script/dom/websocket.rs +++ b/components/script/dom/websocket.rs @@ -198,10 +198,9 @@ impl WebSocket { let address = Trusted::new(&*ws); // Step 8. - let request = RequestBuilder::new(url_record) + let request = RequestBuilder::new(url_record, Referrer::NoReferrer) .origin(global.origin().immutable().clone()) - .mode(RequestMode::WebSocket { protocols }) - .referrer(Some(Referrer::NoReferrer)); + .mode(RequestMode::WebSocket { protocols }); let channels = FetchChannels::WebSocket { event_sender: resource_event_sender, diff --git a/components/script/dom/windowproxy.rs b/components/script/dom/windowproxy.rs index 9aac99dc447..8be356e5ea2 100644 --- a/components/script/dom/windowproxy.rs +++ b/components/script/dom/windowproxy.rs @@ -305,7 +305,7 @@ impl WindowProxy { LoadOrigin::Script(document.origin().immutable().clone()), blank_url, None, - Some(Referrer::ReferrerUrl(document.url().clone())), + document.global().get_referrer(), document.get_referrer_policy(), ); let load_info = AuxiliaryBrowsingContextLoadInfo { @@ -506,7 +506,7 @@ impl WindowProxy { let referrer = if noreferrer { Referrer::NoReferrer } else { - Referrer::Client + target_window.upcast::<GlobalScope>().get_referrer() }; // Step 14.5 let referrer_policy = target_document.get_referrer_policy(); @@ -515,7 +515,7 @@ impl WindowProxy { LoadOrigin::Script(existing_document.origin().immutable().clone()), url, Some(pipeline_id), - Some(referrer), + referrer, referrer_policy, ); let replacement_flag = if new { diff --git a/components/script/dom/workerglobalscope.rs b/components/script/dom/workerglobalscope.rs index 9cb99b7d154..3ff31542b56 100644 --- a/components/script/dom/workerglobalscope.rs +++ b/components/script/dom/workerglobalscope.rs @@ -252,7 +252,7 @@ impl WorkerGlobalScopeMethods for WorkerGlobalScope { rooted!(in(self.runtime.borrow().as_ref().unwrap().cx()) let mut rval = UndefinedValue()); for url in urls { let global_scope = self.upcast::<GlobalScope>(); - let request = NetRequestInit::new(url.clone()) + let request = NetRequestInit::new(url.clone(), global_scope.get_referrer()) .destination(Destination::Script) .credentials_mode(CredentialsMode::Include) .parser_metadata(ParserMetadata::NotParserInserted) diff --git a/components/script/dom/worklet.rs b/components/script/dom/worklet.rs index 3e92e09257d..46930bbf651 100644 --- a/components/script/dom/worklet.rs +++ b/components/script/dom/worklet.rs @@ -624,11 +624,14 @@ impl WorkletThread { // TODO: Fetch the script asynchronously? // TODO: Caching. let resource_fetcher = self.global_init.resource_threads.sender(); - let request = RequestBuilder::new(script_url) - .destination(Destination::Script) - .mode(RequestMode::CorsMode) - .credentials_mode(credentials.into()) - .origin(origin); + let request = RequestBuilder::new( + script_url, + global_scope.upcast::<GlobalScope>().get_referrer(), + ) + .destination(Destination::Script) + .mode(RequestMode::CorsMode) + .credentials_mode(credentials.into()) + .origin(origin); let script = load_whole_resource( request, diff --git a/components/script/dom/xmlhttprequest.rs b/components/script/dom/xmlhttprequest.rs index 03a5f5c7bff..2e8a37ea240 100644 --- a/components/script/dom/xmlhttprequest.rs +++ b/components/script/dom/xmlhttprequest.rs @@ -679,28 +679,29 @@ impl XMLHttpRequestMethods for XMLHttpRequest { None => None, }; - let mut request = RequestBuilder::new(self.request_url.borrow().clone().unwrap()) - .method(self.request_method.borrow().clone()) - .headers((*self.request_headers.borrow()).clone()) - .unsafe_request(true) - // XXXManishearth figure out how to avoid this clone - .body(extracted_or_serialized.map(|e| e.into_net_request_body().0)) - // XXXManishearth actually "subresource", but it doesn't exist - // https://github.com/whatwg/xhr/issues/71 - .destination(Destination::None) - .synchronous(self.sync.get()) - .mode(RequestMode::CorsMode) - .use_cors_preflight(has_handlers) - .credentials_mode(credentials_mode) - .use_url_credentials(use_url_credentials) - .origin(self.global().origin().immutable().clone()) - .referrer( - self.referrer_url - .clone() - .map(|referrer_url| Referrer::ReferrerUrl(referrer_url)), - ) - .referrer_policy(self.referrer_policy.clone()) - .pipeline_id(Some(self.global().pipeline_id())); + let mut request = RequestBuilder::new( + self.request_url.borrow().clone().unwrap(), + self.referrer_url + .clone() + .map(|url| Referrer::ReferrerUrl(url)) + .unwrap_or_else(|| self.global().get_referrer()), + ) + .method(self.request_method.borrow().clone()) + .headers((*self.request_headers.borrow()).clone()) + .unsafe_request(true) + // XXXManishearth figure out how to avoid this clone + .body(extracted_or_serialized.map(|e| e.into_net_request_body().0)) + // XXXManishearth actually "subresource", but it doesn't exist + // https://github.com/whatwg/xhr/issues/71 + .destination(Destination::None) + .synchronous(self.sync.get()) + .mode(RequestMode::CorsMode) + .use_cors_preflight(has_handlers) + .credentials_mode(credentials_mode) + .use_url_credentials(use_url_credentials) + .origin(self.global().origin().immutable().clone()) + .referrer_policy(self.referrer_policy.clone()) + .pipeline_id(Some(self.global().pipeline_id())); // step 4 (second half) match content_type { |